PT-2024-7576 · Linux+7 · Linux Kernel+7
Ryusuke Konishi
·
Published
2024-09-09
·
Updated
2025-09-29
·
CVE-2024-47757
CVSS v3.1
7.1
High
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
Linux kernel versions prior to 6.6.58
Description
The issue is related to the function
nilfs btree check delete() in the nilfs2 module of the Linux kernel, which can cause memory access outside the block buffer when retrieving the maximum key if the root node has no entries. This can happen if the b-tree root node read from a device is configured that way. The problem is fixed by adding a check for that case.Recommendations
For Linux kernel versions prior to 6.6.58, update to version 6.6.58 or later to resolve the issue. As a temporary workaround, consider restricting access to the nilfs2 module until a patch is available.
Exploit
Fix
Out of bounds Read
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Alt Linux
Astra Linux
Debian
Linuxmint
Linux Kernel
Red Os
Suse
Ubuntu